OPNsense Forum
English Forums => General Discussion => Topic started by: fox983 on September 28, 2015, 06:11:46 pm
-
Hello, in regard of proxy (transparent mode), it should block navigation if I set in blacklist a specific website. In fact it blocks only HTTP, not HTTPS. How can I set it right?
PS: Is it possible without proxy?
Thank you
-
You cant block HTTPS since its a secure connection.
-
Reply by myself, Domain Overrides trought DNS Forworder could be the solution. It can be useful to someone.....?
-
MITM support for the proxy isn't built in, although squid is a capable. You can configure it manually. I have no ETA on when this will be available in the GUI.
-
PS: Is it possible without proxy?
This seems to work ...
Firewall -> Aliases -> Add new alias
Name: facebook
Description: facebook
Type: Host(s)
Host(s): www.facebook.com
-> Save
Firewall -> Rules -> LAN -> add new rule
Action: Reject
Protocol: TCP
Destination: facebook
Description: Block facebook
-> Save
-
Thank you all, which one is better to set, mine (Domanin Overrides) or juha's (Firewall Alias)?
-
I normally prefer using squid. Something like:
acl donotsurfatwork dstdomain .facebook.com (and .ebay.com .twitter.com etc. pp.)
http_access deny CONNECT donotsurfatwork
http_reply_access deny donotsurfatwork
But I have no idea if this works on OPNsense right now..
Still hoping to see support for compressed acl-lists ^^